All news with #modbus tag

Shelly Pro 3EM Out-of-Bounds Read Causes Reboots and DoS

⚠️ A remote-accessible out-of-bounds read vulnerability (CVE-2025-12056) in Shelly Pro 3EM can be triggered by a specially crafted Modbus request to force the device to access illegal memory addresses and reboot. CISA assigns a CVSS v4 score of 8.3 and warns this may result in a denial-of-service condition. Shelly did not respond to coordination; users should contact the vendor, keep devices updated, minimize network exposure, and follow recommended ICS defensive practices.